Relaying

Discussion in 'Installation/Configuration' started by dayjahone, Jan 21, 2007.

  1. dayjahone

    dayjahone Member

    How do I check to see if people are relaying mail from my server? I'm getting a lot of emails returned that I never sent.
     
    dayjahone, Jan 21, 2007
    #1
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    You can check your server with e.g. the following tool, if its a open relay:

    http://www.abuse.net/relay.html

    Please post also the output of the command:

     
    till, Jan 21, 2007
    #2
  3. dayjahone

    dayjahone Member

    According to the site, all relay is denied.

    Code:
    mynetworks = 127.0.0.0/8 172.16.10.0/24 [::1]/128 [fe80::205:5dff:fe4e:1558]/64 
mynetworks_style = subnet
parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
smtpd_client_connection_limit_exceptions = $mynetworks
smtpd_client_restrictions = permit_mynetworks, reject_unknown_client
smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/etc/postfix/access, reject_invalid_hostname, permit
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_relay_domains
     
    dayjahone, Jan 21, 2007
    #3
  4. martinfst

    martinfst Member Moderator

    Could it be a 'joe-job'? Meaning your e-mail address is abused as the sender of spam and all the bounces are as such directed to you. Look at the headers of the emails (bounces?) you get. Tracing which systems are used might give you an indication.
     
    martinfst, Jan 21, 2007
    #4
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Please add the line:

    mynetworks = 127.0.0.0/8

    to the file /etc/postfix/main.cf and restart postfix.
     
    till, Jan 21, 2007
    #5
  6. dayjahone

    dayjahone Member

    I'm getting emails from a person whose mail I host -- mail that he's not sending. I did "postconf | grep mynetworks" and got the following:

    Code:
    # postconf | grep mynetworks
mynetworks = 127.0.0.0/8
mynetworks_style = subnet
parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
smtpd_client_event_limit_exceptions = ${smtpd_client_connection_limit_exceptions:$mynetworks}
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
     
    dayjahone, Jul 9, 2009
    #6
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    This is very common for spammers. This does not mean that the email was send trough your server. Spammers often use faked sender addresses.
     
    till, Jul 10, 2009
    #7

Share This Page